{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24312", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "dateReserved": "2026-01-21T22:15:25.361Z", "datePublished": "2026-02-10T03:03:19.917Z", "dateUpdated": "2026-02-10T17:17:48.810Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP Business Workflow", "vendor": "SAP_SE", "versions": [{"status": "affected", "version": "SAP_BASIS 752"}, {"status": "affected", "version": "SAP_BASIS 753"}, {"status": "affected", "version": "SAP_BASIS 754"}, {"status": "affected", "version": "SAP_BASIS 755"}, {"status": "affected", "version": "SAP_BASIS 756"}, {"status": "affected", "version": "SAP_BASIS 757"}, {"status": "affected", "version": "SAP_BASIS 758"}, {"status": "affected", "version": "SAP_BASIS 816"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application.</p>"}], "value": "An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "lang": "eng", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2026-02-10T03:03:19.917Z"}, "references": [{"url": "https://me.sap.com/notes/3710111"}, {"url": "https://url.sap/sapsecuritypatchday"}], "source": {"discovery": "UNKNOWN"}, "title": "Missing authorization check in SAP Business Workflow", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-10T17:17:39.457732Z", "id": "CVE-2026-24312", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-10T17:17:48.810Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24312", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-10T17:17:39.457732Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-10T17:17:43.512Z"}}], "cna": {"title": "Missing authorization check in SAP Business Workflow", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SAP_SE", "product": "SAP Business Workflow", "versions": [{"status": "affected", "version": "SAP_BASIS 752"}, {"status": "affected", "version": "SAP_BASIS 753"}, {"status": "affected", "version": "SAP_BASIS 754"}, {"status": "affected", "version": "SAP_BASIS 755"}, {"status": "affected", "version": "SAP_BASIS 756"}, {"status": "affected", "version": "SAP_BASIS 757"}, {"status": "affected", "version": "SAP_BASIS 758"}, {"status": "affected", "version": "SAP_BASIS 816"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://me.sap.com/notes/3710111"}, {"url": "https://url.sap/sapsecuritypatchday"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application.", "supportingMedia": [{"type": "text/html", "value": "<p>An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "eng", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2026-02-10T03:03:19.917Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24312", "state": "PUBLISHED", "dateUpdated": "2026-02-10T17:17:48.810Z", "dateReserved": "2026-01-21T22:15:25.361Z", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "datePublished": "2026-02-10T03:03:19.917Z", "assignerShortName": "sap"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:sap_basis:752:*:*:*:*:*:*:*", "matchCriteriaId": "8C121CC9-26F6-4103-8EB0-BAFF6B5B5FE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:753:*:*:*:*:*:*:*", "matchCriteriaId": "86086D00-10BF-4C55-8D87-82CCBE468153", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:754:*:*:*:*:*:*:*", "matchCriteriaId": "2F25246A-D9E5-4F0D-B91A-478D4E5570DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:755:*:*:*:*:*:*:*", "matchCriteriaId": "0218695F-C4AD-46BF-B176-F10C644A9C2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:756:*:*:*:*:*:*:*", "matchCriteriaId": "FC9E7C3E-1005-450A-9198-E014C1BAADBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:757:*:*:*:*:*:*:*", "matchCriteriaId": "3A177AB1-CC85-46EF-91DF-462096608C9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:758:*:*:*:*:*:*:*", "matchCriteriaId": "F7591F81-708C-4285-9BB2-F2B4BDB9759B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sap_basis:816:*:*:*:*:*:*:*", "matchCriteriaId": "EF7825FC-2F0F-4096-BE41-67B4DCC4F7DE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application."}, {"lang": "es", "value": "Una verificaci\u00f3n de autorizaci\u00f3n err\u00f3nea en SAP Business Workflow conduce a escalada de privilegios. Un usuario administrativo autenticado puede eludir las restricciones de rol aprovechando permisos de una funci\u00f3n menos sensible para ejecutar acciones no autorizadas y de alto privilegio. Esto tiene un alto impacto en la integridad de los datos, con bajo impacto en la confidencialidad y sin impacto en la disponibilidad de la aplicaci\u00f3n."}], "id": "CVE-2026-24312", "lastModified": "2026-02-17T15:32:58.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 4.2, "source": "cna@sap.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-10T04:16:03.663", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://me.sap.com/notes/3710111"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://url.sap/sapsecuritypatchday"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "cna@sap.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 752"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 753"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 754"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 755"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 756"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 757"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 758"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SAP_BASIS 816"}}], "product": "business_workflow", "vendor": "sap"}], "analysis": {"en": {"generated_at": "2026-04-17T20:57:30.131921+00:00", "value": {"mitigation_remediation": ["Apply the security patch referenced in SAP Note 3710111, which corrects the authentication flaw in SAP Business Workflow.", "Use SAP Update Manager or other delivery tools to confirm that the latest SAP Basis 752\u2011816 images contain the fixed code and that all affected modules are updated.", "After patching, audit workflow roles and permissions to verify that no user who should not have elevated access can invoke the vulnerable function."], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Affected: SAP Business Workflow as provided by SAP SE. The list of affected operating environments includes the various SAP Basis versions from 752 to 816 as recorded in the CPE list. No specific version information or build numbers are supplied; the impact is limited to instances of SAP Business Workflow running within those SAP Basis releases.", "description_and_impact": "The vulnerability is an erroneous authorization check in SAP Business Workflow that allows a legitimate administrator to bypass role restrictions. The flaw lets an authenticated admin use permissions from a lower\u2011privilege function to perform higher\u2011privilege actions, resulting in a high impact on data integrity, a low impact on confidentiality, and no impact on availability. The weakness aligns with the CWE\u2011862 \u201cMissing Authorization\u201d category.", "risk_and_exploitability": "CVSS score 5.2 indicates moderate severity. EPSS below 1% indicates a very low but non\u2011zero probability that this flaw is actively exploited. The vulnerability is not listed in the CISA KEV catalog. The attacker needs to be an authenticated administrator. Based on the description, the attack vector is internal: the exploit requires legitimate credentials and privileged access to the workflow system, with no disclosed public remote exploit. The method involves leveraging a less sensitive function to elevate privileges within the same application session, so exploitation conditions include the presence of the faulty authorization check and an account with administrative rights. As a result, the compromise risk remains moderate but confined to systems where administrative accounts are compromised or misconfigured."}}}}, "created": "2026-02-10T15:37:17.555330+00:00", "updated": "2026-04-17T21:00:12.727478+00:00", "vendors": ["sap", "sap$PRODUCT$business_workflow"]}